Results 1 to 6 of 6

Thread: What do I do?

Hybrid View

  1. #1
    Join Date
    Aug 2001
    Location
    Connecticut
    Posts
    242

    What do I do?

    Here's the delemma.

    For the past 2 weeks, i've been up and down days at a time with AtWebhost... I call, and they are like "well its because your server isnt patched" -- okay, $35, they work on it offline, and its back up... less than 16 hours later, im back down again, i terminal service in, and reboot... Back online for another 16 hours... I repeated this step over and over, until today, i called at like 11am, and got home at 7:30, and im still down. I call them again, they tell me im doing 15mb on the server, and my box is taking down the network because im doing DOS attacks ???

    Now they tell me I need a firewall, anyone have any recommendations for a free firewall?

    And whats the deal, am I getting screwed here?

  2. #2
    Join Date
    Nov 2002
    Posts
    58
    Someone is attacking you! You should try to figure out the IP and black list them.

  3. #3
    Join Date
    Aug 2001
    Location
    Connecticut
    Posts
    242
    Here's the new delemma --- I called again and told them i'd be leaving atwebhost, and asked them to somehow turn back on my server so I could get my data. That was last night, and it has yet to be done.

    What should my course of action be?

  4. #4
    Join Date
    Nov 2001
    Posts
    5,383
    Do a netstat on the server to see what the origin of the attack and block them out using IPchains.
    Clustered Hosting With Continuous Data Protection (CDP)
    http://www.solidinternet.com
    8 Years of hosting excellence!

  5. #5
    Join Date
    Aug 2001
    Location
    Connecticut
    Posts
    242
    Im talking about getting my data back and away from Atwebhost

  6. #6
    Whether you are with atwebhost or not you need to learn how to secure your box or this is going to happen again unless you pay someone to manage your server. It dosen't matter if you host your box at home or in a large datacenter. You have an open box, you're going to be owned.

    Ask them to see if you can get onto the box and do a netstat. Find out what processes are running so this doesn't happen again.

    A datacenter is going to be very reluctant to plug back in a box that has been hacked though, so you might be out of luck. That one box can take down other customers on their network. They're losing one customer here already... would it be smart to turn that server back on so that other servers go down on their network and they lose 20 more customers because of an unpatched box?

    You do have backups right?

    Free firewall

    Bastille Linux
    http://www.bastille-linux.org
    www.square-network.com www.squarenetwork.com
    Now available in regular and dehyphenated.
    May 2003 Member of the Month
    Useless Community Liason Ever Since.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •